Vehicle wireless internet security

ABSTRACT

Methods, systems, and computer program products for vehicle wireless internet security are provided. A connection request is received from a mobile device. A data request is transmitted to the mobile device. The data request includes a request for location-based data of the mobile device. A first data is received from the mobile device that corresponds to the data request. A vehicle data is generated that comprises location-based data of the vehicle. A match between the first data and the vehicle data is determined. A match is determined where the location based data of the mobile device is with a pre-determined threshold of the location-based data of the vehicle.

BACKGROUND OF THE INVENTION

The present invention relates generally to the field of wireless networksecurity, and more particularly to vehicle wireless network securityenhancements.

Wireless networks are used to link two or more devices using a wirelesscommunication method within a limited area. Wireless networks give usersthe ability to move around within a local coverage area and still beconnected to the network. Often, wireless network access points areprovided by a router. The router can require a user to input a securitykey to access the network.

Access points to wireless networks are increasing. For example, somemotor vehicles are equipped with infrastructure to provide wirelessnetwork access. Wireless network access within a motor vehicle can beused by passengers to access the network on a mobile device. Further,wireless network access can be used to expand the vehicles amenities.For example, network access can be used to stream music over a stereo.

SUMMARY

According to one embodiment of the present invention, a method forsecuring wireless internet in a vehicle is provided. The method includesreceiving a connection request from a mobile device; transmitting a datarequest to the mobile device, wherein the data request comprises arequest for location-based data of the mobile device; receiving a firstdata from the mobile device, wherein the first data corresponds to thedata request; generating a vehicle data, wherein the vehicle datacomprises location-based data of the vehicle; and determining whetherthe first data matches the vehicle data, wherein a match is determinedwhere the location-based data of the mobile device is within apre-determined threshold of the location-based data of the vehicle.

According to another embodiment of the present invention, a computerprogram product for securing wireless internet in a vehicle is provided.The computer program product comprises a computer readable storagemedium and program instructions stored on the computer readable storagemedium. The program instructions include program instructions to receivea connection request from a mobile device; program instructions totransmit a data request to the mobile device, wherein the data requestcomprises a request for location-based data of the mobile device;program instructions to receive a first data from the mobile device,wherein the first data corresponds to the data request; programinstructions to generate a vehicle data, wherein the vehicle datacomprises location-based data of the vehicle; and program instructionsto determine whether the first data matches the vehicle data, wherein amatch is determined where the location-based data of the mobile deviceis within a pre-determined threshold of the location-based data of thevehicle.

According to another embodiment of the present invention, a computersystem for securing wireless internet in a vehicle is provided. Thecomputer system includes one or more computer processors, one or morecomputer readable storage media, and program instructions stored on thecomputer readable storage media for execution by at least one of the oneor more processors. The program instructions include programinstructions to receive a connection request from a mobile device;program instructions to transmit a data request to the mobile device,wherein the data request comprises a request for location-based data ofthe mobile device; program instructions to receive a first data from themobile device, wherein the first data corresponds to the data request;program instructions to generate a vehicle data, wherein the vehicledata comprises location-based data of the vehicle; and programinstructions to determine whether the first data matches the vehicledata, wherein a match is determined where the location-based data of themobile device is within a pre-determined threshold of the location-baseddata of the vehicle.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a functional block diagram illustrating a computingenvironment, in accordance with an embodiment of the present invention;

FIG. 2 is a flowchart depicting operations for enhancing vehicleinternet security, on a computing device within the computingenvironment of FIG. 1, in accordance with an embodiment of the presentinvention; and

FIG. 3 is a block diagram of components of a computing device executingoperations for enhancing vehicle internet security, in accordance withan embodiment of the present invention.

DETAILED DESCRIPTION

An embodiment of the present invention recognizes the need for securewireless network connections where new points of access are created.Wireless network access in motor vehicles is a new point of access.Currently, access to wireless networks in vehicles is controlled bysecurity keys, such as those used for home and business routers. Wherepassengers of a vehicle are frequently changing (e.g., taxis or buses)traditional security keys can be difficult to distribute efficiently. Insome cases, vehicle network access may default to unsecured access toavoid the difficulties of distributing a security key. In these cases,network access is left unsecured.

An embodiment of the present invention provides wireless networksecurity without the need for a security key. An embodiment of thepresent invention uses velocity information from a vehicle and a mobiledevice to secure the wireless network. The velocity of a mobile deviceis compared to the velocity of a vehicle to determine whether the mobiledevice is being used by a passenger located in the vehicle or by a userlocated outside of the vehicle. Network access can be granted to amobile device based on a determination that mobile device is locatedwithin the vehicle.

The present invention will now be described in detail with reference tothe Figures. FIG. 1 is a functional block diagram illustrating acomputing environment, in accordance with an embodiment of the presentinvention. For example, FIG. 1 is a functional block diagramillustrating computing environment 100. Computing environment 100includes computing device 102 and mobile device 110 connected overnetwork 120. Computing device 102 includes security program 104 andsensor 106.

In various embodiments, computing device 102 is a computing device thatcan be a standalone device, a server, a laptop computer, a tabletcomputer, a netbook computer, a personal computer (PC), or a desktopcomputer. In another embodiment, computing device 102 represents acomputing system utilizing clustered computers and components to act asa single pool of seamless resources. In general, computing device 102can be any computing device or a combination of devices with access tomobile device 110, and with access to and/or capable of executingsecurity program 104 and sensor 106. Computing device 102 may includeinternal and external hardware components, as depicted and described infurther detail with respect to FIG. 3. In some embodiments, computingdevice 102 is located within a motor vehicle. In some embodiments,computing device 102 is or comprises a network routing device.

In some embodiments, security program 104 is stored on computing device102. In other embodiments, security program 104 may reside on anothercomputing device, provided that it can access and is accessible by eachof mobile device 110, network 120, and sensor 106. In yet otherembodiments, one or both of security program 104 and sensor 106 may bestored or reside externally and may be accessed through a communicationnetwork, such as network 120. Network 120 can be, for example, a localarea network (LAN), a wide area network (WAN) such as the Internet, or acombination of the two, and may include wired, wireless, fiber optic orany other connection known in the art. In general, network 120 can beany combination of connections and protocols that will supportcommunications between computing device 102 and mobile device 110, inaccordance with a desired embodiment of the present invention.

Security program 104 operates to regulate wireless network access ofmobile devices through a router located within a vehicle. Securityprogram 104 receives limited interaction from mobile device 110. Thelimited interaction includes a request to connect to a local areanetwork (not shown) and exchange of various security credentials. Forexample, security credentials can include a security key, velocity dataof mobile device 110, or historical velocity data of mobile device 110.In some embodiments, security program 104 receives data from sensor 106,sensor 112, or both. Security program 104 uses the data from sensor 106and mobile device 110 to permit or deny mobile device 110 to access thelocal area network. Mobile device 110 and computing device 102wirelessly communicate via network 120. In one embodiment, computingdevice 102 grants or denies access of mobile device 110 to a networkother than network 120 (e.g., a wide area network or the Internet). Inanother embodiment, computing device 102 grants or denies access ofmobile device 110 to resources of network 120 other than computingdevice 102 (e.g., other mobile devices or local area network resources).

In some embodiments, security program 104 is used to generate revenuefor a taxi or public transportation. For example, passengers are offerednetwork access for a fee. If a passenger agrees to pay the fee, thedriver can enable security program 104 to allow the passenger to accessthe network. Where the passenger does not agree to pay the fee or aftera paying passenger leaves the vehicle, security program 104 can bedisabled, preventing other mobile devices from accessing the network.

Sensor 106 operates to determine information of the vehicle. Sensor 106may provide the sensor data to security program 104. In someembodiments, sensor 106 is a global positioning device (GPS) thatdetermines a location of the vehicle at multiple points in time, basedon which sensor 106 may determine the speed and direction of thevehicle. In some embodiments, sensor 106 determines an acceleration ofthe vehicle. In one embodiment, sensor 106 gathers vehicle sensor datain real time. In some embodiments, data collected from sensor 106 isstored to a database of computing device 102. In these embodiments, thecollected data is used as historical velocity data of computing device102. In some embodiments, historical velocity data includes the lengthor duration of travel. For example, the historical velocity datareflects that the vehicle has been in motion for a certain duration oftime or, in another example, a certain distance.

In various embodiments of the present invention, mobile device 110 canbe a laptop computer, a tablet computer, a netbook computer, a personalcomputer (PC), a desktop computer, a personal digital assistant (PDA), asmart phone, or any programmable electronic device capable ofcommunicating with computing device 102 via network 120. Mobile device110 includes sensor 112.

Sensor 112 operates to determine location information of mobile device110. Sensor 112 may provide, directly or indirectly, the sensor data tosecurity program 104. In some embodiments, sensor 112 is a globalpositioning device (GPS) that determines a location of mobile device 110at multiple points in time, based on which sensor 112 may determine thespeed and direction (i.e., the velocity) of mobile device 110. In someembodiments, sensor 112 determines an acceleration of mobile device 110.In one embodiment, sensor 112 gathers sensor data of mobile device 110in real time. In some embodiments, data collected from sensor 112 isstored to a database. In these embodiments, the collected data is usedas historical velocity data of mobile device 110. In some embodiments,historical velocity data includes the length or duration of travel. Forexample, the historical velocity data reflects that the mobile devicehas been in motion for a certain duration of time or, in anotherexample, a certain distance.

FIG. 2 is a flowchart depicting operations for enhancing vehicle networksecurity, on a computing device within the computing environment of FIG.1, in accordance with an embodiment of the present invention. Forexample, FIG. 2 is a flowchart depicting operations 200 of securityprogram 104, on computing device 102 within computing environment 100.

In step 202, security program 104 receives a connection request from amobile device (e.g., mobile device 110). In some embodiments, theconnection request is in response to the mobile device attempting toaccess a wireless network. For example, a user of mobile device 110attempts to connect to the network through network settings on mobiledevice 110. In some embodiments, the mobile device has limited access tothe network (e.g., network 120) until security program 104 authenticatesthe security of the mobile device using operations 200. For example,mobile device 110 is limited to communicating connection requests anddata requested by security program 104. In another example, securityprogram 104 limits access of mobile device 110 to a network resourceindicating that mobile device 110 is not authorized to access thenetwork.

In step 204, security program 104 transmits a data request to the mobiledevice. In some embodiments, the data request is for the real timevelocity of the mobile device. For example, the velocity is determinedby GPS sensor in mobile device 110. In other embodiments, securityprogram 104 requests historical velocity data. For example, securityprogram 104 requests velocity data from mobile device 110 for apredetermined period prior to the request (e.g., 30 seconds). In someembodiments, the predetermined period is configurable. In someembodiments, historical velocity data is used where the vehicle is atrest (e.g., at a stop light). In other embodiments, historical velocitydata is used where there is a high likelihood that surrounding vehiclesare traveling at the same velocity (e.g., rush-hour traffic), where amobile device in a neighboring vehicle might try to access the vehiclesnetwork.

In step 206, security program 104 receives data from the mobile device.In some embodiments, the data is the real time velocity of the mobiledevice as determined by a sensor in the mobile device. In someembodiments, the data includes a timestamp that indicates when the datawas collected from the sensor. In other embodiments, the data receivedis historical velocity data that indicates the velocity of the mobiledevice over a time period.

In decision 208, security program 104 determines whether the receiveddata matches vehicle data. For example, a sensor located within (oraffixed to) the vehicle determines the vehicle's velocity, acceleration,etc. In another example, security program 104 determines the vehicle'svelocity, acceleration, etc. based on sensor data of sensor 106. In someembodiments, this data is stored to be used as historical velocity dataof the vehicle. Security program 104 compares the data received from themobile device with the data of the vehicle's sensor. If security program104 determines that the received data matches the data from the vehiclesensor (decision 208, YES branch), then security program 104 connectsthe mobile device to the network. In one embodiment, the match must bewithin a specified threshold. For example, the velocity must be in thesame direction (e.g., within a predetermined number of degrees) andwithin a specified mile per hour range (e.g., within one mile per hour).In another example, the mobile device must be located with apredetermined proximity of computing device 102 at one or more times. Ifsecurity program 104 determines that the received data does not matchthe data from the vehicle sensor (decision 208, NO branch), thensecurity program 104 prompts the user of the mobile device for asecurity key (step 214).

In some embodiments, security program 104 determines whether thereceived data matches vehicle data based on a path of travel of mobiledevice 110 and a path of travel of computing device 102. In suchembodiments, historical velocity data of computing device 102 includescoordinates and timestamps reflecting the location of computing device102 at various times. Similarly, historical velocity data of mobiledevice 110 includes coordinates and timestamps reflecting the locationof mobile device 110 at various times. Security program 104 models apath of travel for each of computing device 102 and mobile device 110based on the locations of each at various times. Security program 104determines that the received data (i.e., the data corresponding tomobile device 110) matches the vehicle data (i.e., the datacorresponding to the computing device 102) by comparing the paths oftravel to one another using one or more linear algebra techniques. Forexample, security program 104 determines that the data match if adifference (e.g., a Fréchet distance or a Hausdorff distance) betweenthe two paths of travel is below a predetermined threshold.

In step 210, security program 104 allows the mobile device to connect tothe network. In some embodiments, security program 104 allows the mobiledevice to connect to a WAN such as the Internet. In other embodiments,security program 104 allows the mobile device to connect to a localnetwork. In some embodiments, security program 104 connects the mobiledevice to a payment gateway via which a user of the mobile device mayprovide payment information. In response to receiving such paymentinformation, security program 104 allow the mobile device to access thenetwork.

In step 212, security program 104 verifies the data. Security program104 verifies the data to determine whether the mobile device shouldretain access to the network. In one embodiment, security program 104verifies the data by returning to step 204 in order to request updatedsensor data from the mobile device. In some embodiments, securityprogram 104 intermittently verifies that the mobile device is locatedwithin the vehicle. In some embodiments, the verification is done at setintervals (e.g., verification is done every twenty minutes). For exampleafter security program 104 allows a network connection of a mobiledevice (see step 210), security program 104 verifies the data of themobile device in response to a predetermined duration of time elapsing.In this example, security program 104 verifies the data by requestingupdated sensor data (step 204). In another embodiment, security program104 verifies the data of the mobile device in response to detecting achange in acceleration and/or velocity of the vehicle. For example, inresponse to detecting that the vehicle is no longer stationary, securityprogram 104 verifies the data of one or more mobile devices for whichnetwork connections were previously allowed (step 212) by requestingupdated sensor data from the mobile device (step 204)

In step 214, security program 104 requests a security key. In someembodiments, where security program 104 is unable to authenticate thesecurity of a mobile device through operations 202 through 212, securityprogram 104 prompts the mobile device for a security key. In oneembodiment, security program 104 allows a mobile device to connect if(and only if) the mobile device provides a security key that satisfiesthe challenge of security program 104. In various examples, the securitykey may be a password, token, digital certificate, or otherauthorization technique. In some embodiments, security program 104allows a network connection of a mobile device authentication viasecurity key indefinitely. In one embodiment, security program 104terminates network connections of mobile devices authenticated viasecurity key in response to a change in the predetermined security key(e.g., by the vehicle owner).

FIG. 3 is a block diagram of components of a computing device, generallydesignated 300, in accordance with an embodiment of the presentinvention. In one embodiment, computing device 300 is representative ofcomputing device 102. For example, FIG. 3 is a block diagram ofcomputing device 102 within computing environment 100 executingoperations of sub-string searching program 104.

It should be appreciated that FIG. 3 provides only an illustration ofone implementation and does not imply any limitations with regard to theenvironments in which different embodiments may be implemented. Manymodifications to the depicted environment may be made.

Computing device 300 includes communications fabric 308, which providescommunications between computer processor(s) 302, memory 304, cache 306,persistent storage 310, communications unit 314, and input/output (I/O)interface(s) 312. Communications fabric 308 can be implemented with anyarchitecture designed for passing data and/or control informationbetween processors (such as microprocessors, communications and networkprocessors, etc.), system memory, peripheral devices, and any otherhardware components within a system. For example, communications fabric308 can be implemented with one or more buses.

Memory 304 and persistent storage 310 are computer-readable storagemedia. In this embodiment, memory 304 includes random access memory(RAM). In general, memory 304 can include any suitable volatile ornon-volatile computer readable storage media. Cache 306 is a fast memorythat enhances the performance of processors 302 by holding recentlyaccessed data, and data near recently accessed data, from memory 304.

Program instructions and data used to practice embodiments of thepresent invention may be stored in persistent storage 310 and in memory304 for execution by one or more of the respective processors 302 viacache 306. In an embodiment, persistent storage 310 includes a magnetichard disk drive. Alternatively, or in addition to a magnetic hard diskdrive, persistent storage 310 can include a solid state hard drive, asemiconductor storage device, read-only memory (ROM), erasableprogrammable read-only memory (EPROM), flash memory, or any othercomputer readable storage media that is capable of storing programinstructions or digital information.

The media used by persistent storage 310 may also be removable. Forexample, a removable hard drive may be used for persistent storage 310.Other examples include optical and magnetic disks, thumb drives, andsmart cards that are inserted into a drive for transfer onto anothercomputer-readable storage medium that is also part of persistent storage310.

Communications unit 314, in these examples, provides for communicationswith other data processing systems or devices, including resources ofnetwork 120. In these examples, communications unit 314 includes one ormore network interface cards. Communications unit 314 may providecommunications through the use of either or both physical and wirelesscommunications links. Program instructions and data used to practiceembodiments of the present invention may be downloaded to persistentstorage 310 through communications unit 314.

I/O interface(s) 312 allows for input and output of data with otherdevices that may be connected to computing device 300. For example, I/Ointerface 312 may provide a connection to external devices 316 such as akeyboard, keypad, a touch screen, and/or some other suitable inputdevice. External devices 316 can also include portable computer-readablestorage media such as, for example, thumb drives, portable optical ormagnetic disks, and memory cards. Software and data used to practiceembodiments of the present invention (e.g., software and data) can bestored on such portable computer-readable storage media and can beloaded onto persistent storage 310 via I/O interface(s) 312. I/Ointerface(s) 312 also connect to a display 318.

Display 318 provides a mechanism to display data to a user and may be,for example, a computer monitor, or a television screen.

The present invention may be a system, a method, and/or a computerprogram product. The computer program product may include a computerreadable storage medium (or media) having computer readable programinstructions thereon for causing a processor to carry out aspects of thepresent invention.

The computer readable storage medium can be a tangible device that canretain and store instructions for use by an instruction executiondevice. The computer readable storage medium may be, for example, but isnot limited to, an electronic storage device, a magnetic storage device,an optical storage device, an electromagnetic storage device, asemiconductor storage device, or any suitable combination of theforegoing. A non-exhaustive list of more specific examples of thecomputer readable storage medium includes the following: a portablecomputer diskette, a hard disk, a random access memory (RAM), aread-only memory (ROM), an erasable programmable read-only memory (EPROMor Flash memory), a static random access memory (SRAM), a portablecompact disc read-only memory (CD-ROM), a digital versatile disk (DVD),a memory stick, a floppy disk, a mechanically encoded device such aspunch-cards or raised structures in a groove having instructionsrecorded thereon, and any suitable combination of the foregoing. Acomputer readable storage medium, as used herein, is not to be construedas being transitory signals per se, such as radio waves or other freelypropagating electromagnetic waves, electromagnetic waves propagatingthrough a waveguide or other transmission media (e.g., light pulsespassing through a fiber-optic cable), or electrical signals transmittedthrough a wire.

Computer readable program instructions described herein can bedownloaded to respective computing/processing devices from a computerreadable storage medium or to an external computer or external storagedevice via a network, for example, the Internet, a local area network, awide area network and/or a wireless network. The network may comprisecopper transmission cables, optical transmission fibers, wirelesstransmission, routers, firewalls, switches, gateway computers and/oredge servers. A network adapter card or network interface in eachcomputing/processing device receives computer readable programinstructions from the network and forwards the computer readable programinstructions for storage in a computer readable storage medium withinthe respective computing/processing device.

Computer readable program instructions for carrying out operations ofthe present invention may be assembler instructions,instruction-set-architecture (ISA) instructions, machine instructions,machine dependent instructions, microcode, firmware instructions,state-setting data, or either source code or object code written in anycombination of one or more programming languages, including an objectoriented programming language such as Smalltalk, C++ or the like, andconventional procedural programming languages, such as the “C”programming language or similar programming languages. The computerreadable program instructions may execute entirely on the user'scomputer, partly on the user's computer, as a stand-alone softwarepackage, partly on the user's computer and partly on a remote computeror entirely on the remote computer or server. In the latter scenario,the remote computer may be connected to the user's computer through anytype of network, including a local area network (LAN) or a wide areanetwork (WAN), or the connection may be made to an external computer(for example, through the Internet using an Internet Service Provider).In some embodiments, electronic circuitry including, for example,programmable logic circuitry, field-programmable gate arrays (FPGA), orprogrammable logic arrays (PLA) may execute the computer readableprogram instructions by utilizing state information of the computerreadable program instructions to personalize the electronic circuitry,in order to perform aspects of the present invention.

Aspects of the present invention are described herein with reference toflowchart illustrations and/or block diagrams of methods, apparatus(systems), and computer program products according to embodiments of theinvention. It will be understood that each block of the flowchartillustrations and/or block diagrams, and combinations of blocks in theflowchart illustrations and/or block diagrams, can be implemented bycomputer readable program instructions.

These computer readable program instructions may be provided to aprocessor of a general purpose computer, special purpose computer, orother programmable data processing apparatus to produce a machine, suchthat the instructions, which execute via the processor of the computeror other programmable data processing apparatus, create means forimplementing the functions/acts specified in the flowchart and/or blockdiagram block or blocks. These computer readable program instructionsmay also be stored in a computer readable storage medium that can directa computer, a programmable data processing apparatus, and/or otherdevices to function in a particular manner, such that the computerreadable storage medium having instructions stored therein comprises anarticle of manufacture including instructions which implement aspects ofthe function/act specified in the flowchart and/or block diagram blockor blocks.

The computer readable program instructions may also be loaded onto acomputer, other programmable data processing apparatus, or other deviceto cause a series of operational steps to be performed on the computer,other programmable apparatus or other device to produce a computerimplemented process, such that the instructions which execute on thecomputer, other programmable apparatus, or other device implement thefunctions/acts specified in the flowchart and/or block diagram block orblocks.

The flowchart and block diagrams in the Figures illustrate thearchitecture, functionality, and operation of possible implementationsof systems, methods, and computer program products according to variousembodiments of the present invention. In this regard, each block in theflowchart or block diagrams may represent a module, segment, or portionof instructions, which comprises one or more executable instructions forimplementing the specified logical function(s). In some alternativeimplementations, the functions noted in the block may occur out of theorder noted in the Figures. For example, two blocks shown in successionmay, in fact, be executed substantially concurrently, or the blocks maysometimes be executed in the reverse order, depending upon thefunctionality involved. It will also be noted that each block of theblock diagrams and/or flowchart illustration, and combinations of blocksin the block diagrams and/or flowchart illustration, can be implementedby special purpose hardware-based systems that perform the specifiedfunctions or acts or carry out combinations of special purpose hardwareand computer instructions.

The descriptions of the various embodiments of the present inventionhave been presented for purposes of illustration, but are not intendedto be exhaustive or limited to the embodiments disclosed. Manymodifications and variations will be apparent to those of ordinary skillin the art without departing from the scope and spirit of the invention.The terminology used herein was chosen to best explain the principles ofthe embodiment, the practical application or technical improvement overtechnologies found in the marketplace, or to enable others of ordinaryskill in the art to understand the embodiments disclosed herein.

What is claimed is:
 1. A method comprising: receiving, by one or moreprocessors, a connection request from a mobile device; transmitting, byone or more processors, a data request to the mobile device, wherein:the data request comprises a request for location-based data of themobile device; and the location-based data of the mobile device includesa velocity of the mobile device; receiving, by one or more processors, afirst data from the mobile device, wherein the first data corresponds tothe data request; generating, by one or more processors, a vehicle data,wherein: the vehicle data comprises location-based data of the vehicle;and the location-based data of the vehicle includes a velocity of thevehicle; determining, by one or more processors, whether the first datamatches the vehicle data, wherein a match is determined where thelocation-based data of the mobile device is within a pre-determinedthreshold of the location-based data of the vehicle; and in response todetermining that the first data matches the vehicle data, connecting, byone or more processors, the mobile device to a network.
 2. The method ofclaim 1, further comprising: in response to determining that a secondvehicle data does not match a third data from a second mobile device,prompting, by one or more processors, the second mobile device for asecurity key; receiving, by one or more processors, a first security keyfrom the second mobile device; and determining, by one or moreprocessors, whether the first security key matches an expected response.3. The method of claim 2, further comprising: in response to determiningthat the first security key matches the expected response, allowing, byone or more processors, the second mobile device to connect to thenetwork.
 4. The method of claim 2, further comprising: in response todetermining that the first security key does not match the expectedresponse, blocking, by one or more processors, access of the secondmobile device to the network.
 5. The method of claim 1, furthercomprising: re-authenticating, by one or more processors, the mobiledevice, by: transmitting, by one or more processors, a second datarequest from the mobile device, wherein the second data requestcomprises a request for an updated velocity of the mobile device;receiving, by one or more processors, a second data from the mobiledevice, wherein the second data corresponds to the second data request;re-generating, by one or more processors, the vehicle data, includinggenerating an updated velocity of the vehicle; and determining, by oneor more processors, whether the second data matches the vehicle databased, at least in part, on the updated velocity of the mobile deviceand updated velocity of the vehicle.
 6. The method of claim 5, whereinre-authenticating the mobile device is in response to determining thatan acceleration of the vehicle is not equal to zero.
 7. The method ofclaim 1, wherein the location-based data of the mobile device furtherincludes historical velocity data of the mobile device and wherein thelocation-based data of the vehicle further includes historical velocitydata of the vehicle, wherein each historical velocity data includes aplurality of locations and corresponding timestamps.
 8. A computerprogram product, the computer program product comprising: a computerreadable storage medium and program instructions stored on the computerreadable storage medium, the program instructions comprising: programinstructions to receive a connection request from a mobile device;program instructions to transmit a data request to the mobile device,wherein: the data request comprises a request for location-based data ofthe mobile device; and the location-based data of the mobile deviceincludes a velocity of the mobile device; program instructions toreceive a first data from the mobile device, wherein the first datacorresponds to the data request; program instructions to generate avehicle data, wherein: the vehicle data comprises location-based data ofthe vehicle; and the location-based data of the vehicle includes avelocity of the vehicle; program instructions to determine whether thefirst data matches the vehicle data, wherein a match is determined wherethe location-based data of the mobile device is within a pre-determinedthreshold of the location-based data of the vehicle; and programinstructions to, in response to determining the first data matches thevehicle data, connect the mobile device to a network.
 9. The computerprogram product of claim 8, further comprising; program instructions to,in response to determining that a second vehicle data does not match athird data from a second mobile device, prompt the second mobile devicefor a security key; program instructions to receive a first security keyfrom the second mobile device; and program instructions to determinewhether the first security key matches an expected response.
 10. Thecomputer program product of claim 9, further comprising: programinstructions to, in response to determining that the first security keymatches the expected response, allow the second mobile device to connectto the network.
 11. The computer program product of claim 8, furthercomprising: program instructions to re-authenticate the mobile device,by: program instructions to transmit a second data request from themobile device, wherein the second data request comprises a request foran updated velocity of the mobile device; program instructions toreceive a second data from the mobile device, wherein the second datacorresponds to the second data request; program instructions tore-generate the vehicle data, including generating an updated velocityof the vehicle; and program instructions to determine whether the seconddata matches the vehicle data based, at least in part, on the updatedvelocity of the mobile device and updated velocity of the vehicle. 12.The computer program product of claim 11, wherein re-authenticating themobile device is in response to determining that an acceleration of thevehicle is not equal to zero.
 13. A computer system, the computer systemcomprising: one or more computer processors; one or more computerreadable storage media; program instructions stored on the computerreadable storage media for execution by at least one of the one or moreprocessors, the program instructions comprising: program instructions toreceive a connection request from a mobile device; program instructionsto transmit a data request to the mobile device, wherein: the datarequest comprises a request for location-based data of the mobiledevice; and the location-based data of the mobile device includes avelocity of the mobile device; program instructions to receive a firstdata from the mobile device, wherein the first data corresponds to thedata request; program instructions to generate a vehicle data, wherein:the vehicle data comprises location-based data of the vehicle; and thelocation-based data of the vehicle includes a velocity of the vehicle;program instructions to determine whether the first data matches thevehicle data, wherein a match is determined where the location-baseddata of the mobile device is within a pre-determined threshold of thelocation-based data of the vehicle; and program instructions to, inresponse to determining the first data matches the vehicle data, connectthe mobile device to a network.
 14. The computer system of claim 13,further comprising; program instructions to, in response to determiningthat a second vehicle data does not match a third data from a secondmobile device, prompt the second mobile device for a security key;program instructions to receive a first security key from the secondmobile device; and program instructions to determine whether the firstsecurity key matches an expected response.
 15. The computer system ofclaim 14, further comprising: program instructions to, in response todetermining that the first security key matches the expected response,allow the second mobile device to connect to the network.
 16. Thecomputer system of claim 13, further comprising: program instructions tore-authenticate the mobile device, by: program instructions to transmita second data request from the mobile device, wherein the second datarequest comprises a request for an updated velocity of the mobiledevice; program instructions to receive a second data from the mobiledevice, wherein the second data corresponds to the second data request;program instructions to re-generate the vehicle data, includinggenerating an updated velocity of the vehicle; and program instructionsto determine whether the second data matches the vehicle data based, atleast in part, on the updated velocity of the mobile device and updatedvelocity of the vehicle.
 17. The computer system of claim 16, whereinre-authenticating the mobile device is in response to determining thatan acceleration of the vehicle is not equal to zero.